Vulnerabilities > Hitachienergy > Low

DATE CVE VULNERABILITY TITLE RISK
2024-10-29 CVE-2024-41156 Improper Cross-boundary Removal of Sensitive Data vulnerability in Hitachienergy Tro610 Firmware, Tro620 Firmware and Tro670 Firmware
Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats.
network
low complexity
hitachienergy CWE-212
2.7
2.7
2020-04-02 CVE-2019-19090 Missing Encryption of Sensitive Data vulnerability in Hitachienergy Esoms 4.0/6.0/6.0.2
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header.
network
low complexity
hitachienergy CWE-311
3.5
3.5
2020-04-02 CVE-2019-19092 Missing Authentication for Critical Function vulnerability in Hitachienergy Esoms
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC).
network
low complexity
hitachienergy CWE-306
3.5
3.5